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IN THE CLAIMS 

1. (Original) A computer program product for determining if any of a plurality of groups may 
have an improper actual level of privilege, said computer program product comprising: 

a computer readable medium; 

first program instructions to compare members within each of said groups to a list of 
trusted individuals; 

second program instructions to determine if any groups with an actual privilege level 
higher than user level privilege have a member not on the list of trusted individuals, and if so, 
generate a report identifying said at least one member not on the list of trusted individuals and 
the group in which said at least one member is a member; and 

third program instructions to determine if any group with an actual privilege level higher 
than user level privilege has a group name on a list of group names generally used for a group 
with user level privilege, and if so, generate a report that said group with the higher actual 
privilege level has a group name generally used for a group with user level privilege, such that 
the members of said groups with the higher actual privilege having a group name generally used 
for a group with user level privilege are revealed as trusted or not trusted; and wherein 

said first, second and third program instructions are recorded on said medium. 

2. (Original) A computer program product as set forth in claim 1 wherein there are a plurality of 
applications or application instances, and a same group can be assigned different privilege levels 
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for involvement with different applications or application instances; and said third program 
instructions makes its determination separately for each application or application instance. 

3. (Original) A computer program product as set forth in claim 1 further comprising: 

fourth program instructions to determine if any groups with an actual privilege level 
higher than user level privilege have a group name not on a list of group names generally used 
for a group with the higher level privilege, and if so, generate a report that said group with the 
higher actual privilege level has a group name not on a list of group names generally used for a 
group with the higher level privilege, such that the members of said groups with the higher actual 
privilege having a group name not generally used for a group with the higher level privilege are 
revealed as trusted or not trusted; and wherein 

said fourth program instructions are recorded on said medium. 

4. (Original) A computer program product as set forth in claim 1 wherein said second program 

instructions determine if any group with an actual privilege level higher than user level privilege 
have all of its members on the list of trusted individuals, and if so, generate a report that said 
group with the higher actual privilege level has all its members on the list of trusted individuals. 

5. (Original) A computer program product as set forth in claim 1 further comprising fourth 
program instructions to determine if all the members of said groups with the higher actual 
privilege having a group name generally used for a group with user level privilege are on the list 
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of trasted individuals; and wherein said fourth program instructions are recorded on said 
medium. 

6. (Original) A computer system for determining if any of a plurality of groups may have an 
improper actual level of privilege, said computer system comprising: 

means for comparing members within each of said groups to a list of tmsted individuals; 
means for determining if any groups with an actual privilege level higher than user level 
privilege have a member not on the list of trusted individuals, and if so, generate a report 
identifying said at least one member not on the list of trusted individuals and the group in which 
said at least one member is a member; and 

means for determining if any group with an actual privilege level higher than user level 
privilege has a group name on a list of group names generally used for a group with user level 
privilege, and if so, generate a report that said group with the higher actual privilege level has a 
group name generally used for a group with user level privilege, such that the members of said 
groups with the higher actual privilege having a group name generally used for a group with user 
level privilege are revealed as trusted or not trusted. 

7. (Original) A computer system as set forth in claim 6 wherein there are a plurality of 

applications or application instances, and a same group can be assigned different privilege levels 
for involvement with different applications or application instances; and said means for 
determining if any group with an actual privilege level higher than user level privilege has a 
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group name generally used for a group with user level privilege makes its determination 
separately for each application or application instance. 

8. (Original) A computer system as set forth in claim 6 further comprising: 

means for determining if any groups with an actual privilege level higher than user level 
privilege have a group name not on a list of group names generally used for a group with the 
higher level privilege, and if so, generate a report that said group with the higher actual privilege 
level has a group name not generally used for a group with the higher level privilege, such that 
the members of said groups with the higher actual privilege having a group name not generally 
used for a group with the higher level privilege are revealed as trusted or not trusted. 

9. (Original) A computer system as set forth in claim 6 wherein said means for determining if 
any groups with an actual privilege level higher than user level privilege have a member not on 
the list of trusted individuals determines if any group with an actual privilege level higher than 

user level privilege have all of its members on the list of trusted individuals, and if so, generates 
a report that said group with the higher actual privilege level has all its members on the list of 
trusted individuals. 

10. (Original) A computer system as set forth in claim 6 further comprising means for 
determining if all the members of said groups with the higher actual privilege having a group 
name generally used for a group with user level privilege are on the list of trusted individuals. 
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1 1 . (Original) A computer program product for determining if any of a plurality of groups may 
have an improper actual level of privilege, said computer program product comprising: 

a computer readable medium; 

first program instructions to compare members within each of said groups to a list of 
trusted individuals; 

second program instmctions to determine if any groups with an actual privilege level 
higher than user level privilege have a member not on the list of trusted individuals, and if so, 
generate a report identifying said at least one member not on the list of trusted individuals and 
the group in which said at least one member is a member; and 

third program instructions to determine if any groups with an actual privilege level higher 
than user level privilege have a group name not on a list of group names generally used for a 
group with the higher level privilege, and if so, generate a report that said group with the higher 
actual privilege level has a group name not generally used for a group with the higher level 
privilege, such that the members of said groups with the higher actual privilege having a group 
name not generally used for a group with the higher level privilege are revealed as trusted or not 
trusted; and wherein 

said first, second and third program instructions are recorded on said medium. 

12. (Original) A computer program product as set forth in claim 1 1 wherein there are a plurality 
of applications or application instances, and a same group can be assigned different privilege 
levels for involvement with different applications or application instances; and said third 
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program instructions makes its determination separately for each application or application 
instance. 

13. (Original) A computer program product as set forth in claim 11 wherein said second 
program instructions determine if any group with an actual privilege level higher than user level 

privilege have all of its members on the list of tmsted individuals, and if so, generate a report that 
said group with the higher privilege level has all its members on the list of trusted individuals. 

14. (Original) A computer program product as set forth in claim 11 further comprising fourth 
program instructions to determine if all the members of said group with the higher actual 
privilege having a group name not generally used for a group with higher level privilege are on 
the list of trusted individuals; and wherein 

said fourth program instructions are recorded on said medium. 

15. (Original) A computer program product for managing privileges of groups, said computer 
program product comprising: 

a computer readable medium; 

first program instructions to compare members within each of said groups to a list of 
trusted individuals; 

second program instructions to determine if any groups with an actual privilege level 
higher than user level privilege have a member not on the list of trusted individuals, and if so, 
remove said member not on the list of trusted individuals from said group; and wherein 
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said first and second program instructions are recorded on said medium. 

16. (Original) A computer program product for managing privileges of groups, said computer 
program product comprising: 

a computer readable medium; 

first program instmctions to determine if any group with an actual privilege level higher 
than user level privilege has a group name on a list of group names generally used for a group 
with user level privilege or no privilege; and 

second program instructions, responsive to a determination of a group with an actual 
privilege level higher than user level privilege with a group name generally used for a group with 
user level privilege or no privilege, to compare members of such group to a list of trusted 
individuals, and if any member(s) of such group do not appear on said list of trusted individuals, 
remove said member(s) from such group that do not appear on the said list of trusted individuals; 
and wherein 

said first and second program instructions are recorded on said medium. 

17. (Original) A computer program product for managing privileges of groups, said computer 
program product comprising: 

a computer readable medium; 

first program instructions to determine if any group with an actual privilege level higher 
than user level privilege has a group name not on a list of group names generally used for a 
group with privilege level higher than user level privilege; and 
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second program instructions, responsive to a determination of a group with an actual 
privilege level higher than user level privilege with a group name not generally used for a group 
with privilege level higher than user level privilege, to compare members of such group to a list 
of trusted individuals, and if any member(s) of such group do not appear on said list of trusted 
individuals, lower the actual privilege level of said group; and wherein 

said first and second program instructions are recorded on said medium. 
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